Method and system for GNSS receiver login protection and prevention

ABSTRACT

Embodiments of the present invention recite a method and system for implementing login protection and prevention to a Global Navigation Satellite System (GNSS) receiver. In one embodiment, a geospatial data collection device which is communicatively coupled with a GNSS receiver is authenticated. It is then determined that the geospatial data collection device is authorized to collect data from a geographic region in which the GNSS receiver is located. The geospatial data collection device is then permitted access to a control interface of the GNSS receiver.

FIELD OF THE INVENTION

Embodiments of the present invention are related to geographic datareporting systems.

BACKGROUND OF THE INVENTION

Geographic data is increasingly used to provide geo-spatial data to awide variety of business, government, and academic applications.Increasingly, remote Global Navigation Satellite System (GNSS) receiversare used to collect data which can then be retrieved by a datacollection device. For example, the GNSS receivers can be used tomonitor ground movement due to plate tectonics. The GNSS receivers aretypically in communication, either via a wired or wireless communicationnetwork, with a data collection device which may be hundreds of milesaway.

In order to access the data collected by the GNSS receiver, the datacollection device accesses a command and control interface of the GNSSdevice. Using this interface, the data collection device can also changeconfiguration parameters of the GNSS receiver. In some instances, theprotocol for the command interface for GNSS receivers has essentiallybecome publicly available. As a result, un-authorized users may alsoaccess the control interface and re-configure the GNSS receiver, orretrieve data.

SUMMARY OF THE INVENTION

Embodiments of the present invention recite a method and system forimplementing login protection and prevention to a Global NavigationSatellite System (GNSS) receiver. In one embodiment, a geospatial datacollection device which is communicatively coupled with a GNSS receiveris authenticated. It is then determined that the geospatial datacollection device is authorized to collect data from a geographic regionin which the GNSS receiver is located. The geospatial data collectiondevice is then permitted access to a communication interface of the GNSSreceiver.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are incorporated in and form a part ofthis specification, illustrate embodiments of the present invention and,together with the description, serve to explain the principles of theinvention. Unless specifically noted, the drawings referred to in thisdescription should be understood as not being drawn to scale.

FIG. 1 is a block diagram of exemplary components used in accordancewith embodiments of the present invention.

FIG. 2 is a block diagram of an exemplary Global Navigation SatelliteSystem (GNSS) receiver in accordance with embodiments of the presentinvention.

FIG. 3 shows an exemplary exchange of communications in accordance withan embodiment of the present invention.

FIG. 4 shows an exemplary exchange of communications in accordance withanother embodiment of the present invention.

FIG. 5 is a block diagram of an exemplary login protection andprevention system in accordance with an embodiment of the presentinvention.

FIG. 6 shows an exemplary look-up table used in accordance withembodiments of the present invention.

FIGS. 7A and 7B are a flowchart used by a login protection andprevention system in accordance with an embodiment of the presentinvention

FIG. 8 is a flowchart of a method for implementing login protection to aGlobal Navigation Satellite System (GNSS) receiver in accordance with anembodiment of the present invention.

FIG. 9 is a flowchart of another method for implementing loginprotection to a Global Navigation Satellite System (GNSS) receiver inaccordance with an embodiment of the present invention.

FIG. 10 is a flowchart of another method for implementing loginprotection to a Global Navigation Satellite System (GNSS) receiver inaccordance with an embodiment of the present invention.

FIG. 11 shows an exemplary computer system upon which embodiments of thepresent invention may be implemented.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

Reference will now be made in detail to embodiments of the presentinvention, examples of which are illustrated in the accompanyingdrawings. While the present invention will be described in conjunctionwith the following embodiments, it will be understood that they are notintended to limit the present invention to these embodiments alone. Onthe contrary, the present invention is intended to cover alternatives,modifications, and equivalents which may be included within the spiritand scope of the present invention as defined by the appended claims.Furthermore, in the following detailed description of the presentinvention, numerous specific details are set forth in order to provide athorough understanding of the present invention. However, embodiments ofthe present invention may be practiced without these specific details.In other instances, well-known methods, procedures, components, andcircuits have not been described in detail so as not to unnecessarilyobscure aspects of the present invention.

Notation and Nomenclature

Some portions of the detailed descriptions which follow are presented interms of procedures, logic blocks, processing and other symbolicrepresentations of operations on data bits within a computer memory.These descriptions and representations are the means used by thoseskilled in the data processing arts to most effectively convey thesubstance of their work to others skilled in the art. In the presentapplication, a procedure, logic block, process, or the like, isconceived to be a self-consistent sequence of steps or instructionsleading to a desired result. The steps are those requiring physicalmanipulations of physical quantities. Usually, although not necessarily,these quantities take the form of electrical or magnetic signals capableof being stored, transferred, combined, compared, and otherwisemanipulated in a computer system.

It should be borne in mind, however, that all of these and similar termsare to be associated with the appropriate physical quantities and aremerely convenient labels applied to these quantities. Unlessspecifically stated otherwise as apparent from the followingdiscussions, it is appreciated that throughout the present invention,discussions utilizing terms such as “authenticating,” “determining,”“permitting,” “receiving,” “conveying,” “verifying,” “accessing,”“deriving,” “using,” “comparing” or the like, refer to the action andprocesses of a computer system, or similar electronic computing device,that manipulates and transforms data represented as physical(electronic) quantities within the computer system's registers andmemories into other data similarly represented as physical quantitieswithin the computer system memories or registers or other suchinformation storage, transmission or display devices.

FIG. 1 is a block diagram of exemplary components used in accordancewith embodiments of the present invention. In the embodiment of FIG. 1,a Global Navigation Satellite System (GNSS) receiver 110 iscommunicatively coupled with a geospatial data collection device 120 viaa communication network 130. In another embodiment of the presentinvention, GNSS receiver 110 and geospatial data collection device 120are communicatively coupled via an optional key server 140. Inembodiments of the present invention, GNSS receiver 110 is a devicewhich determines its geographic position and is capable of conveying thecollected position data to another device using a positioning systemsuch as the Global Navigation Satellite System (GNSS). Embodiments of aGNSS receiver in accordance with the present invention may utilize, butare not limited to, satellite position determining systems such asembodiments of the Global Positioning System (GPS), the GLONASS system,the Radio Navigation Satellite Service (RNSS), the Galileo system, theQuazi-zenith Satellite System (QZSS), and the Compass Navigation System.

In embodiments of the present invention, geospatial data collectiondevice 120 is an electronic device which is used to collect geospatialdata. For example, in one embodiment, geospatial data collection device120 is a Geographic Information System (GIS) data collector. In anotherembodiment, geospatial data collection device 120 is a Personal DigitalAssistant (PDA). In another embodiment, geospatial data collectiondevice 120 is a laptop computer system. In another embodiment,geospatial data collection device 120 is a personal computer system. Inanother embodiment, geospatial data collection device 120 is a positiondata server. In general, geospatial data collection device 120 utilizesa software program to interact with a command and control interface ofGNSS receiver 110 in order to configure, or collect data from, GNSSreceiver 110.

In embodiments of the present invention, communication network 130 is awireless communication network. In another embodiment, communicationnetwork 130 is a “wired” network which utilizes landlines tocommunicatively couple GNSS receiver 110 and geospatial data collectiondevice 120. It is noted that the communicative coupling between GNSSreceiver 110, geospatial data collection device 120, and/or key server140 may be a direct connection between those devices. For example, GNSSreceiver 110 and geospatial data collection device 120, and/or keyserver 140 may be directly coupled via a Bluetooth wireless connection,a radio link, an infrared communication link, or optical communicationlink. Alternatively, GNSS receiver 110, geospatial data collectiondevice 120, and/or key server 140 may be directly coupled via a datacable.

In embodiments of the present invention, GNSS receiver 110 utilizes asystem (e.g., system 500 of FIG. 5) which protects GNSS receiver 110from unauthorized login and thus prevents data collected by GNSSreceiver from being used by unauthorized users. Alternatively, system500 may be implemented by key server 140 which permits geospatial datacollection device 120 to access GNSS receiver 110 once a login procedureis completed. In one embodiment of the present invention, GNSS receiver110 utilizes the Trimcomm™ interface by Trimble Navigation Limited, 935Stewart Drive Sunnyvale, Calif., 94085. The Trimcomm™ interface is awell known format which can be used to configure a GNSS receiver (e.g.,GNSS receiver 110) and issue commands including commands causing GNSSreceiver 110 to send geographic position data. In another embodiment,GNSS receiver 110 utilizes the Trimble Standard Interface Protocol(TSIP), also by Trimble Navigation Limited, 935 Stewart Drive Sunnyvale,Calif., 94085. It is noted that while the present embodiments cite theseinterfaces specifically, embodiments of the present invention are notlimited to these interfaces alone and are well suited for loginprevention and protection of other command/configuration interfaces.

In one embodiment of the present invention, GNSS receiver 110, or keyserver 140, verifies the identity of geospatial data collection device120 before allowing it to access the control interface of GNSS 110. Inone embodiment, GNSS receiver 110, or key server 140, accesses adecryption key which is associated with geospatial data collectiondevice 120.

In another embodiment, GNSS receiver 110, or key server 140, determinesa geographic region identification descriptive of geospatial datacollection device 120. GNSS receiver 110, or key server 140, thendetermines whether the geographic region identification corresponds toits current geographic position. If the geographic region identificationof geospatial data collection device 120 corresponds to the currentgeographic position of GNSS receiver 110, GNSS receiver 110, or keyserver 140, permits geospatial data collection device 120 to access thecontrol interface of GNSS receiver 110.

In another embodiment, GNSS receiver 110, or key server 140, firstverifies the identity of geospatial data collection device 120. If GNSSreceiver 110, or key server 140, verifies the identity of geospatialdata collection device 120, it then determines whether a geographicregion identification descriptive of geospatial data collection device120 corresponds to the current geographic position of GNSS receiver 110.If the geographic region identification of geospatial data collectiondevice 120 corresponds to the current geographic position of GNSSreceiver 110, GNSS receiver 110, or key server 140, permits geospatialdata collection device 120 to access the control interface of GNSSreceiver 110. In another embodiment, GNSS receiver 110, or key server140, first determines whether a geographic region identificationdescriptive of geospatial data collection device 120 corresponds to thecurrent geographic position of GNSS receiver 110, If the geographicregion identification of geospatial data collection device 120corresponds to the current geographic position of GNSS receiver 110,GNSS receiver 110, or key server 140, then verifies the identity ofgeospatial data collection device 120. If GNSS receiver 110, or keyserver 140, verifies the identity of geospatial data collection device120, it then permits geospatial data collection device 120 to access thecontrol interface of GNSS receiver 110.

FIG. 2 is a block diagram of an exemplary Global Navigation SatelliteSystem (GNSS) receiver (e.g., 110 of FIG. 1) in accordance withembodiments of the present invention. In the embodiment of FIG. 2, GNSSreceiver 110 comprises an address/data bus 205 for conveying digitalinformation between the various components, a central processor unit(CPU) 210 for processing the digital information and instructions, avolatile memory 215 comprised of volatile random access memory (RAM) forstoring the digital information and instructions, and a non-volatileread only memory (ROM) 220 for storing information and instructions of amore permanent nature.

GNSS receiver 110 further comprises a position determining component 225for determining the geographic position (e.g., latitude and longitude)of GNSS receiver 110. It is noted that in embodiments of the presentinvention, position determining component 225 may be capable ofdetermining additional data such as the height of GNSS receiver 110and/or the current time. In another embodiment of the present invention,the satellite measurement data from satellites in view of GNSS receiver110 may be utilized without further processing to determine thegeographic position of GNSS receiver 110. In embodiments of the presentinvention, GNSS receiver 110 further comprises an antenna 230 coupledwith position determining component 225. As discussed above, while thepresent embodiment specifically cites a GNSS position determiningsystem, embodiments of the present invention are well suited to utilizea variety of terrestrial-based and satellite-based position determiningsystems as well.

GNSS receiver 110 further comprises an optional data input device 235(e.g., a keyboard, a cursor control device, a touch screen assembly, atrack-ball, joystick, or special keys on alpha-numeric input 107 capableof signaling movement of a given direction or manner displacement, etc.GNSS receiver 110 further comprises an optional data display device 240.In addition, GNSS receiver 110 may also include an optional data storagedevice 245 (e.g., a magnetic, optical, floppy, or tape drive or thelike) for storing vast amounts of data. In one embodiment, data storagedevice 245 is a removable data storage device. It should be noted thatthe software program for performing GNSS receiver login protection andprevention of the present invention may be stored either in volatilememory 215 or data storage device 245.

In the embodiment of FIG. 2, GNSS receiver 110 further comprises anoptional wireless input/output (I/O) device 250 and an optional dataport 255 for communicatively coupling GNSS receiver 110 with, forexample, geospatial data collection device 120 using a data cable.

In the embodiment of FIG. 2, GNSS receiver 110 further comprises anoptional supplemental positioning receiver 260. In embodiments of thepresent invention, supplemental positioning receiver 260 utilizessignals from sources other than GNSS satellites to determine thegeographic position of GNSS receiver 110. In embodiments of the presentinvention, these signals include, but are not limited to cellulartelephone signals, digital television signals, Long Range Radio Aid toNavigation (LORAN) signals, etc.

In the embodiment of FIG. 2, GNSS receiver 110 further comprises anoptional inertial measurement unit (IMU) 265. In embodiments of thepresent invention, inertial measurement unit 265 detects changes in themotion of GNSS receiver 110 which can be used to determine thegeographic position of GNSS receiver 110. In one embodiment of thepresent invention, inertial measurement unit 265 utilizes a gyroscope todetect changes in the motion of GNSS receiver 110. In anotherembodiment, inertial measurement unit 265 utilizes at least oneaccelerometer to detect changed in the motion of GNSS receiver 110. Itis noted that in one embodiment, an accelerometer capable of detecting achange of motion in more than one axis or plane of motion may be used byinertial measurement unit 265.

In the embodiment of FIG. 2, GNSS receiver 110 also comprises anoptional frequency input 270. In embodiments of the present invention,frequency input 270 receives a reference frequency output by a device(e.g., a GNSS reference station). GNSS receiver 110 may then synchronizeto the frequency received by frequency input 270.

In the embodiment of FIG. 2, GNSS receiver 110 also comprises anoptional frequency output 275. In embodiments of the present invention,GNSS receiver 110 may output a reference frequency which is used byother devices for synchronization as described above.

In the embodiment of FIG. 2, GNSS receiver 110 also comprises anoptional event input 280. In embodiments of the present invention, GNSSreceiver 110 can record an event and timestamp the event using eventinput 280.

In the embodiment of FIG. 2, GNSS receiver 110 also comprises anoptional pulse generator 285. In embodiments of the present invention,pulse generator 285 generates a one second pulse in response to atimestamp event initiated by event input 280. It is noted that thetiming of the pulse generated by pulse generator 285 may have a higheror lower frequency than one pulse per second in embodiments of thepresent invention. Additionally, pulse generator 285 may generate someother trigger in response to a timestamp event in embodiments of thepresent invention.

FIG. 3 shows an exemplary exchange of communications in accordance withan embodiment of the present invention. It is noted that while in theembodiment of FIG. 3, communications are shown between geospatial datacollection device 120 and GNSS receiver 110, in another embodiment theexchange of communications is between geospatial data collection device120 and key server 140. In other words, the messages received andgenerated by GNSS receiver 110 and/or other functions described withreference to FIG. 3 may instead be received and generated and/orperformed by key server 140 in embodiments of the present invention. Inthe embodiment of FIG. 3, geospatial data collection device 120generates a message (e.g., Get Options 310) to GNSS receiver 110 todetermine whether a login procedure is necessary in order to access thecontrol interface of GNSS receiver 110. In another embodiment,geospatial data collection device 120 generates the message (e.g., GetOptions 310) to key server 140 to determine whether a login procedure isnecessary in order to access the control interface of GNSS receiver 110,or receive data therefrom.

GNSS receiver 110, or key server 140, then generates a reply (e.g.,Login Required 320) which informs geospatial data collection device 120that a login is required in order to access the control interface ofGNSS receiver 110, or to receive data therefrom.

Geospatial data collection device 120 then generates a Check Statusmessage (e.g., 330) to determine whether it is currently logged into thecommand interface of GNSS receiver 110, or whether it is currentlylogged in with key server 140.

GNSS receiver 110 then generates a Negative Acknowledgement reply (e.g.,Nack 340) which informs geospatial data collection device 120 that it isnot currently logged into the command interface of GNSS receiver 110.Alternatively, key server 140 may generate a Negative Acknowledgementreply (e.g., Nack 340) which informs geospatial data collection device120 that it is not yet logged in with key server 140.

Geospatial data collection device 120 then generates a request forchallenge data (e.g., 350) along with a vendor identification and aproduct identification. As is discussed in greater detail below, thevendor identification is a unique identifier of a party who isauthorized to sell GNSS receiver 110, while the product identificationuniquely identifies the model number, series, or version, of GNSSreceiver 110. In another embodiment of the present invention, a uniqueidentification of a user of GNSS receiver and/or geospatial datacollection device 120 may be used. For example, in one embodiment, inaddition to generating a request for challenge data (e.g., 350) anidentification unique to the user of geospatial data collection device120 may be sent. It is noted that embodiments of the present inventionare not limited to using a product identification, vendoridentification, and/or user identification to identify geospatial datacollection device 120 or GNSS receiver 110.

In response to receiving the request for challenge, GNSS receiver 110,or key server 140, generates a challenge, or sequence, (e.g., 360) whichwill be used to authenticate the identity of geospatial data collectiondevice 120. In embodiments of the present invention, the challengecomprises, but is not limited to, a 14-byte sequence which is generatedusing a hash function in conjunction with an input sequence and aprivate key which is shared by GNSS receiver 110 and geospatial datacollection device 120. In one embodiment, the input sequence comprisesthe serial number of GNSS receiver 110 and the current time.

Upon receiving the challenge (e.g., from GNSS receiver 110, or from keyserver 140) geospatial data collection device 120 generates a challengeresponse, or message digest, (e.g., 370) which is sent to GNSS receiver110, or to key server 140. In one embodiment, the message digestgenerated by geospatial data collection device 120 comprises a 16-byteresponse. In embodiments of the present invention, generating themessage digest comprises geospatial data collection device 120encrypting the challenge data sent by GNSS receiver 110, or key server140, using the private key discussed above in conjunction with a hashingfunction which is similar to that used by GNSS receiver 110, or keyserver 140. The resulting encrypted message digest is then sent to GNSSreceiver 110, or key server 140.

Upon receiving the message digest (e.g., 370), GNSS receiver 110, or keyserver 140, tests the message digest sent by geospatial data collectiondevice 120 and sends a status message (e.g., 380) which informsgeospatial data collection device 120 if the login attempt has beensuccessful. In embodiments of the present invention, status message 380may tell geospatial data collection device 120 that the login attempthas failed, is successful, and how long before re-authentication isrequired, if a timeout is implemented by GNSS receiver 110, or keyserver 140. In one embodiment of the present invention, if key server140 determines that a login attempt by geospatial data collection device120 is successful, a message may be generated by key server 140 to GNSSreceiver 110 which facilitates the accessing of GNSS receiver 110 bygeospatial data collection device 120. In other words, key server 140permits geospatial data collection device 120 to access GNSS receiver110. In one embodiment, key server 140 may enable of communicationpathway between GNSS receiver 110 and geospatial data collection device120.

As described above, in one embodiment, testing the message digest 370 byGNSS receiver 110, or key server 140, comprises accessing the privatekey for geospatial data collection device 120 and determining whethermessage digest 370 comprises the correct response to challenge data 360.In other words, message digest 370 is decrypted using the hashingfunction in conjunction with the private key. If geospatial datacollection device 120 provides the correct response to challenge data360, its identity is considered to be authenticated. In anotherembodiment, GNSS receiver 110, or key server 140, determines whethergeospatial data collection device 120 is authorized to configure, orcollect data from, a GNSS receiver in the geographic region in whichGNSS receiver 110 is located.

In another embodiment, GNSS receiver 110, or key server 140, firstauthenticates the identity of geospatial data collection device 120 andthen determines whether geospatial data collection device 120 isauthorized to configure, or collect data from, a GNSS receiver in thegeographic region in which GNSS receiver 110 is located (or vice versa).In embodiments of the present invention, determining whether geospatialdata collection device 120 is authorized to configure, or collect datafrom, a GNSS receiver in the geographic region in which GNSS receiver110 is located is accomplished decrypting a geographic regionidentification which comprises a portion of the vendor identificationsent to GNSS receiver 110, or key server 140, in the request forchallenge data (e.g., 350). In embodiments of the present invention,this is decrypted using a second decryption key which is not shared withgeospatial data collection device 120. In one embodiment, the seconddecryption key may comprise a portion of the shared private key that isused to authenticate the identity of geospatial data collection device120. In another embodiment, the shared private key may be used todecrypt the geographic region identification from the vendoridentification.

FIG. 4 shows an exemplary exchange of communications in accordance withanother embodiment of the present invention. Geospatial datacollection-device 120 generates a command (e.g., 410) to GNSS receiver110. In embodiments of the present invention, the command generated bygeospatial data collection device 120 is a command to configure GNSSreceiver 110, or to retrieve data from GNSS receiver 110 via its commandinterface (e.g., the Trimcomm™ interface, the TSIP interface, or thelike).

GNSS receiver 110 then generates a Negative Acknowledgement reply (e.g.,Nack 420) which informs geospatial data collection device 120 that it isnot currently logged into the command interface of GNSS receiver 110, orwith key server 140, and cannot therefore utilize the command interfaceto generate commands for GNSS receiver 110, or receive data therefrom.

Geospatial data collection device 120 then generates a request forchallenge data (e.g., 430) along with a vendor identification and aproduct identification.

In response to receiving the request for challenge, GNSS receiver 110,or key server 140, generates a challenge, or sequence, (e.g., 440) whichwill be used to authenticate the identity of geospatial data collectiondevice 120. In embodiments of the present invention, the challengecomprises a 14-byte sequence which is generated using a hash function inconjunction with an input sequence and a private key which is shared byGNSS receiver 110 and geospatial data collection device 120. In oneembodiment, the input sequence comprises the serial number of GNSSreceiver 110 and the current time. In another embodiment in accordancewith the present invention GNSS receiver 110, or key server 140,generates a random number and, optionally, the current time or serialnumber of geospatial data collection device 120 which will be used toauthenticate the identity of geospatial data collection device 120.

Upon receiving the challenge from GNSS receiver 110, geospatial datacollection device 120 generates a challenge response, or message digest,(e.g., 450) which is sent to GNSS receiver 110, or key server 140. Inone embodiment, the message digest generated by geospatial datacollection device 120 comprises a 16-byte response. In embodiments ofthe present invention, generating the message digest comprisesgeospatial data collection device 120 encrypting the challenge data sentby GNSS receiver 110 using the private key discussed above inconjunction with a hashing function which is similar to that used byGNSS receiver 110. The resulting encrypted message digest is then sentto GNSS receiver 110, or key server 140.

Upon receiving the message digest (e.g., 450), GNSS receiver 110, or keyserver 140, tests the message digest sent by geospatial data collectiondevice 120 and sends a status message (e.g., 460) which informsgeospatial data collection device 120 if the login attempt has beensuccessful. In embodiments of the present invention, status message 460may tell geospatial data collection device 120 that the login attempthas failed, is successful, and how long before re-authentication isrequired, if a timeout is implemented by GNSS receiver 110, or keyserver 140.

As described above, in one embodiment, testing the message digest 450 byGNSS receiver 110, or key server 140, comprises accessing the privatekey for geospatial data collection device 120 and determining whethermessage digest 450 comprises the correct response to challenge data 440.In other words, message digest 450 is decrypted using the hashingfunction in conjunction with the private key. If geospatial datacollection device 120 provides the correct response to challenge data440, its identity is considered to be authenticated. In anotherembodiment, GNSS receiver 110 determines whether geospatial datacollection device 120 is authorized to configure, or collect data from,a GNSS receiver in the geographic region in which GNSS receiver 110 islocated. In another embodiment, key server 140 determines whethergeospatial data collection device 120 is authorized to configure, orcollect data from, a GNSS receiver in the geographic region in whichGNSS receiver 110 is located.

In another embodiment, GNSS receiver 110, or key server 140, firstauthenticates the identity of geospatial data collection device 120 andthen determines whether geospatial data collection device 120 isauthorized to configure, or collect data from, a GNSS receiver in thegeographic region in which GNSS receiver 110 is located (or vice versa).In embodiments of the present invention, determining whether geospatialdata collection device 120 is authorized to configure, or collect datafrom, a GNSS receiver in the geographic region in which GNSS receiver110 is located is accomplished decrypting a geographic regionidentification which comprises a portion of the vendor identificationsent to GNSS receiver 110 in the request for challenge data (e.g., 430).In embodiments of the present invention, this is decrypted using asecond decryption key which is not shared with geospatial datacollection device 120. In one embodiment, the second decryption key maycomprise a portion of the shared private key that is used toauthenticate the identity of geospatial data collection device 120. Inanother embodiment, the shared private key may be used to decrypt thegeographic region identification from the vendor identification. Inembodiments of the present invention, the second decryption key may bekept by GNSS receiver 110 or by key server 140.

FIG. 5 is a block diagram of an exemplary login protection andprevention system in accordance with an embodiment of the presentinvention. In embodiments of the present invention, system 500 may beimplemented as software and/or firmware instructions which areimplemented by GNSS receiver 110 or by key server 140 in embodiments ofthe present invention. In one embodiment, the components of system 500may be implemented by processor 210 of FIG. 2. Other components ofsystem 500 may be implemented as discreet hardware components of GNSSreceiver 110 or of key server 140. In the embodiment of FIG. 5, system500 comprises a communication interface 505.

In one embodiment, communication interface 505 comprises a wirelesscommunication interface (e.g., wireless input/output (I/O) device 250 ofFIG. 2 above). In another embodiment, communication interface 505comprises a wired communication interface (e.g., data port 255 of FIG. 2above). As shown in FIG. 5, system 500 further comprises anauthenticating component 510 which is communicatively coupled withcommunication interface 505. The embodiment of FIG. 5 further comprisesa geographic location verifier 520 which is communicatively coupled withauthenticating component 510 and with a control interface enabler 530.Control interface enabler 530 is in turn communicatively coupled withcontrol interface 540.

In one embodiment of the present invention, system 500 usesauthenticating component 510 to authenticate the identity of geospatialdata collection device 120. In one embodiment, if geospatial datacollection device 120 is authenticated, system 500 then uses geographiclocation verifier 520 to determine whether geospatial data collectiondevice 120 is authorized to configure and/or collect data from ageographic region in which GNSS receiver 110 is currently located. Ifgeospatial data collection device 120 is authorized to configure and/orcollect data from the geographic region in which GNSS receiver 110 iscurrently located, interface enabler 530 permits geospatial datacollection device 120 to access control interface 540 of GNSS receiver110. It is noted that in another embodiment, determining the geographicregion in which geospatial data collection device 120 is authorized toconfigure and/or collect data may be performed prior to, or simultaneouswith, authenticating the identity of geospatial data collection device120. In another embodiment of the present invention, interface enabler530 generates a message to GNSS receiver 110 which permits geospatialdata collection device 120 to access the control interface of GNSSreceiver 110. In another embodiment, interface enabler 530communicatively couples GNSS receiver 110 and geospatial data collectiondevice 120 in a communications pathway.

In the embodiment of FIG. 5, authenticating component 510 is forauthenticating the identity of, for example, data collection device 120.In FIG. 5, authenticating component 510 further comprises a vendoridentification receiver 511 which is for receiving vendor identificationfrom geospatial data collection device 120 and a product identificationreceiver 512 which is for receiving a product identification from datacollection device 120. As discussed above with reference to FIGS. 3 and4, the vendor identification and product identification may be conveyedduring request for challenge data (e.g., 350 and 430 of FIGS. 3 and 4respectively). In embodiments of the present invention, a vendoridentification is a unique identifier of a party who is authorized tosell GNSS receiver 110, while the product identification uniquelyidentifies the model number, series, or version, of GNSS receiver 110.In one embodiment, the vendor identification comprises a 40-bit sequenceof numbers and/or letters. However, embodiments of the present inventionare not limited to a 40-bit sequence alone. Alternatively, anidentification of the user of geospatial data collection device 120which is used by authenticating component 510.

In embodiments of the present invention, authenticating component 510further comprises a decryption key identifier 513 which is coupled withvendor identification receiver 511 and product identification receiver512. In embodiments of the present invention, GNSS receiver 110, or keyserver 140, uses the vendor identification and the productidentification to identify a decryption key based which is uniquelyidentified by the combination of the vendor identification, or useridentification, and the product identification. In one embodiment, GNSSreceiver 110 utilizes a look-up table to identify the correct decryptionkey as described below with reference to FIG. 4.

FIG. 6 shows an exemplary look-up table 601 used in accordance withembodiments of the present invention. In embodiments of the presentinvention, each vendor of geospatial data collection device 120 and/orGNSS receiver 110 is assigned a private key which is uniquely identifiedby GNSS receiver 110, or key server 140, using a vendor identification,or user identification, and product identification provided bygeospatial data collection device 120. In one embodiment, decryption keyidentifier 513 utilizes a look-up table similar to look-up table 601described below to determine which decryption key is identified by aparticular combination of a vendor or user identification and productidentification.

In the embodiment of FIG. 6, look-up table 601 comprises a vendoridentification field 610, a product identification field 620, and adecryption key field 630. It is noted that while look-up table 601utilizes a vendor identification field 610, other embodiments of thepresent invention may use some other form of identification, such as auser identification, in addition to, or instead of, vendoridentification field 610. In embodiments of the present invention, ashared private key (e.g., a decryption key) is identified by GNSSreceiver 110 using the vendor identification and the productidentification received from geospatial data collection device 120. Forexample, if GNSS receiver 110 receives the vendor identification A(e.g., 611 a) from vendor A and the product identification A (e.g., 621a) from geospatial data collection device 120, it can then determinethat the correct decryption key for authenticating geospatial datacollection device 120 is decryption key 631 a. In the embodiment of FIG.6, a second decryption key (e.g., 632 a) is also identified based uponthe vendor identification and product identification provided bygeospatial data collection device 120.

As will be discussed below, embodiments of the present invention use asecond decryption key (e.g., 632 a) to decrypt a portion of the vendoridentification in order to derive a geographic region identification. Inembodiments of the present invention, the geographic regionidentification facilitates determining whether geospatial datacollection device 120 is permitted to collect data from a geographicregion in which GNSS receiver 110 is currently located. In embodimentsof the present invention, the key used to decrypt the geographic regionidentification is not shared with geospatial data collection device 120,or the vendor thereof. In one embodiment, second decryption key 632 a isunique from decryption key 631 a. In another embodiment, seconddecryption key 632 a may comprise a portion of decryption key 631 a. Forexample, if decryption key 631 a a comprises a 128-bit decryption key,second decryption key 632 a may comprise the first 64 bits of decryptionkey 631 a, the last 64 bits of decryption key 631 a, etc. In anotherembodiment, decryption key 631 a may be used to derive the geographicregion identification descriptive of geospatial data collection device120 instead of second decryption key 632 a.

It is noted that a particular vendor identification may be associatedwith more than one product identification in embodiments of the presentinvention. For example, a vendor B may sell, or manufacture, a product Band a product C. Thus, in embodiments of the present invention, vendor Bis associated with a vendor identification 611 b, as well as productidentification B (e.g., 621 b) and product identification C (e.g., 621c). This prevents a particular vendor from using the same vendoridentification to access GNSS receivers which they are not authorized touse, or sell.

Returning to FIG. 6, if authenticating component 310 receives vendoridentification 611 b and product identification 621 b, decryption key631 b is used to authenticate geospatial data collection device 120 andsecond decryption key 632 b is used to decrypt the geographic regionidentification. If authenticating component 310 receives vendoridentification 611 b and product identification 621 c, decryption key631 c is used to authenticate geospatial data collection device 120 andsecond decryption key 632 c is used to decrypt the geographic regionidentification.

Returning again to FIG. 5, upon determining the correct decryption keyfor authenticating geospatial data collection device 120, authenticatingcomponent 510 uses sequence generator 516 to generate a sequence whichis used to authenticate geospatial data collection device 120. Inembodiments of the present invention, sequence generator 516 generates akeyed-hash message authentication code (HMAC) which is generated using ahashing algorithm such as the Message-Digest algorithm 5 (MD5) which isimplemented within a Hashed Message Authentication Code (HMAC)algorithm. However, embodiments of the present invention may utilizeother hashing functions which include, but are not limited to,implementations of the HAVAL, PANAMA, RIPEMD, SHA, TIGER, VEST, andWHIRLPOOL hashing algorithms.

As an example, in one embodiment, sequence generator 516 uses as aninput, the serial number of GNSS receiver 110 and the current time inorder to generate the sequence which is sent to geospatial datacollection device 120. Typically, geospatial data collection device 120will also utilize its hashing algorithm and private key (e.g., 631 a ofFIG. 6) to generate a response to the sequence generated by sequencegenerator 516.

In the embodiment of FIG. 5, authenticating component 510 furthercomprises a response receiver 515 for receiving, from geospatial datacollection device 120, a response to the sequence generated by sequencegenerator 516.

In the embodiment of FIG. 5, geospatial data collection device verifierd514 is used to verify the response to the message digest which isgenerated by geospatial data collection device 120. In embodiments ofthe present invention, geospatial data collection device verifier 514again uses decryption key 631 a in conjunction with the MD-5 hashingalgorithm to verify the response sent by geospatial data collectiondevice 120. In one embodiment of the present invention, if geospatialdata collection device 120 sends a correct response to GNSS receiver110, or to key server 140, authenticating component 510 generates asignal which causes control interface enabler 530 to allow geospatialdata collection device 120 to access control interface 540. In anotherembodiment, if geospatial data collection device 120 sends a correctresponse to GNSS receiver 110, or to key server 140, authenticatingcomponent 510 generates a signal and/or data to geographic locationverifier 520 to facilitate determining whether data collection device120 is permitted to collect data from a geographic region in which GNSSreceiver 110 is currently located. In another embodiment, authenticatingcomponent 510 determines the second decryption key (e.g., 632 a) whichis used by geographic location verifier 520 in determining whethergeospatial data collection device 120 is permitted to collect data froma geographic region in which GNSS receiver 110 is currently located. Inother words, authenticating the identity of geospatial data collectiondevice 120 is not performed.

In the embodiment of FIG. 5, upon verifying the identity of geospatialdata collection device 120, system 500 then determines geospatial datacollection device 120 is permitted to collect data from a geographicregion in which GNSS receiver 110 is currently located. If geospatialdata collection device 120 is not authenticated, control interface 540remains closed to geospatial data collection device 120.

In the embodiment of FIG. 5, vendor identification input 521 receivesthe vendor identification sent by geospatial data collection device 120via authenticating component 510. Decryption key input 523 accesses thesecond decryption key (e.g., 632 a of FIG. 6) from authenticatingcomponent 510. Geographic location verifier 520 then derives ageographic region identification (e.g., using geographic regionidentification deriver 522) to determine a geographic region in whichgeospatial data collection device 120 is authorized to collect dataand/or configure devices. For example, in one embodiment, the vendoridentification, user identification, or some other unique identificationof geospatial data collection device 120 (e.g., 611 a) comprises a40-bit alpha-numeric sequence. In one embodiment, 8 bits of the 40-bitalpha-numeric sequence actually identify the user or vendor of GNSSreceiver 110 and/or geospatial data collection device 120, while a 2-bitsequence within the vendor identification or user identificationassociated with geospatial data collection device 120 comprises anencrypted geographic region identification. In embodiments of thepresent invention, geographic region identification deriver 522 usessecond decryption key 632 a to derive the geographic regionidentification from the encrypted sequence within vendor identification611 a.

As described above, the geographic region identification geographicregion in which geospatial data collection device 120 is authorized tocollect data and/or configure devices. In one embodiment, the derivedgeographic region identification is input to geographic regioncomparator 524. Geographic position input 525 receives the currentgeographic position of GNSS receiver 110 from position determiningcomponent 225. This is also input to geographic region comparator 524.Geographic region comparator 524 then compares the derived geographicregion identification with the current geographic position of GNSSreceiver 110. If it is determined that the current geographic positionof GNSS receiver 110 is within the geographic region described by thegeographic region identification of geospatial data collection device120, a signal is generated which causes control interface enabler 530 toallow geospatial data collection device 120 to access control interface540.

In embodiments of the present invention, the vendor identification sentby geospatial data collection device 120 comprises a unique vendoridentification, or another identification which uniquely identifiesgeospatial data collection device 120 or a user thereof, and anencrypted geographic region identification.

FIGS. 7A and 7B are a flowchart 700 used by a login protection andprevention system in accordance with an embodiment of the presentinvention. In step 705, a request for challenge data is received by GNSSreceiver 110, or by key server 140. As described above with reference toFIG. 4, if geospatial data collection device 120 attempts to generate acommand to GNSS receiver 110 without first logging in, GNSS receiver110, or key server 140, will respond with a Nack message (e.g., 420 ofFIG. 4). Geospatial data collection device 120 will then generate arequest for challenge data (e.g., 430 of FIG. 4) in order to initiatelogging in to the control interface of GNSS receiver 110, or to accesstherefrom. Alternatively, geospatial data collection device 120 maygenerate a check status message (e.g., 330 of FIG. 3) which will againresult in the Nack message (e.g., 340 of FIG. 3).

In step 710, a vendor identification or another unique identification isreceived by GNSS receiver 110, or by key server 140. In embodiments ofthe present invention, geospatial data collection device 120 alsoconveys a vendor identification or another unique identification to GNSSreceiver 110, or to key server 140. In one embodiment, this is sentalong with the request for challenge data. In another embodiment, therequest for challenge data may be sent in a separate, discreet message.

In step 715, a product identification is received by GNSS receiver 110,or key server 140. In one embodiment, the product identification is sentby geospatial data collection device 120 at the same time as the requestfor challenge data and/or the vendor identification. In anotherembodiment, the product identification may be sent in a separate,discreet message.

In step 720, a decryption key is identified using the vendoridentification, or other identification, and the product identification.As described above, embodiments of the present invention use the productidentification and the vendor identification, or another identification,to determine which private decryption key will be used to authenticatethe identity of geospatial data collection device 120.

In step 725, challenge data is generated by GNSS receiver 110, or by keyserver 140. As described above, in embodiments of the present inventionGNSS receiver 110 or key server 140 utilizes a hashing functionimplemented within an HMAC algorithm in conjunction with an inputsequence and the decryption key identified in step 720 above to generatea challenge to geospatial data collection device 120.

In step 730, a message digest is received by GNSS receiver 110, or bykey server 140. In embodiments of the present invention, geospatial datacollection device 120 decrypts the challenge generated by GNSS receiver110, or key server 140, in step 725 and generates an encrypted messagedigest in response which is received by GNSS receiver 110, or by keyserver 140.

In step 735, a second decryption key is identified using the vendoridentification, or another unique identification, and the productidentification. As described above with reference to FIG. 6, in oneembodiment a second decryption key is used to decrypt a geographicregion identification which is associated with geospatial datacollection device 120.

In step 740, the message digest is decrypted using the decryption keyidentified in step 730. As described above, GNSS receiver 110, or by keyserver 140, decrypts the message digest sent by geospatial datacollection device 120.

In step 745, a logical operation is performed to determine whether thereceived message digest is the correct response to the challenge datagenerated in step 720. GNSS receiver 110, or key server 140, thendetermines whether the response to the challenge data (e.g., messagedigest 450 of FIG. 4) is the correct response to the challenge datagenerated in step 725.

In step 750 login to the control interface of GNSS receiver 110 isprevented. If GNSS receiver 110, or key server 140, determines thatgeospatial data collection device 120 has sent an incorrect response toits challenge data, GNSS receiver 110, or key server 140 will preventlogin to the control interface (e.g., 540 of FIG. 5) of GNSS receiver110. In the embodiment of FIGS. 7A and 7B, method 700 then proceeds tostep 755. However it is noted that in another embodiment of the presentinvention, method 700 may proceed directly to step 780 if it isdetermined that geospatial data collection device 120 has provided thecorrect response to the challenge data.

In step 755, the vendor identification, or another identification isdecrypted using the second decryption key identified in step 735. Asdescribed above, in embodiments of the present invention geographiclocation verifier 520 may use a second decryption key (e.g., 632 a ofFIG. 6) to derive a geographic identification from an encrypted portionof a vendor identification (e.g., 611 a of FIG. 6). Alternatively,geographic location verifier 520 may use a second decryption key (e.g.,632 a of FIG. 6) to derive a geographic identification from an encryptedportion of a user identification sent by geospatial data collectiondevice 120. In another embodiment, the unique identification may beassociated with geospatial data collection device 120 itself.

In step 760, a geographic identification is determined. In embodimentsof the present invention, the decrypted geographic identificationdescribes a region in which geospatial data collection device 120 isallowed to configure and/or retrieve data from GNSS receivers locatedtherein.

In step 765, the current geographic position of GNSS receiver 110 isdetermined. In embodiments of the present invention, the currentgeographic position of GNSS receiver 110 is then determined usingposition determining component 225. In one embodiment, this is used byGNSS receiver 110 itself. In another embodiment, the current geographicposition of GNSS receiver 110 is accessed by key server 140.

In step 770, a logical operation is performed to determine whether thegeographic identification from step 760 matches the current geographicposition of GNSS receiver 110. As described above, in one embodimentgeographic region comparator 524 determines whether the currentgeographic position of GNSS receiver 110 is within the geographic regionidentified in step 760 above.

In step 775, login to the control interface of GNSS receiver 110 isprevented. In one embodiment, if the current geographic position of GNSSreceiver 110 is not within the geographic region identified in step 760,login to the control interface (e.g., 540 of FIG. 5) is prevented.

In step 780, access to the control interface of GNSS receiver 110 isallowed. In the embodiment of FIGS. 7A and 7B, it has been determinedthat GNSS receiver 110 is within the geographic region in whichgeospatial data collection device 120 is allowed to configure and/orretrieve data from GNSS receivers located therein. Furthermore, theidentity of geospatial data collection device 120 has also beenauthenticated. As a result, GNSS receiver 110 allows geospatial datacollection device 120 to access its control interface (e.g., 540 of FIG.5). In another embodiment, key server 140 facilitates the accessing ofGNSS receiver 110 by geospatial data collection device 120.

In step 785, a logical operation is performed to determine whether atimeout period has expired. In one embodiment, periodicre-authentication of geospatial data collection device 120 may berequired by GNSS receiver 110, or by key server 140. If a timeoutinterval has not yet elapsed, or if a timeout period is not defined,method 700 returns to step 780. If the timeout period has elapsed,method 700 returns to step 725 and new challenge data is generated byGNSS receiver 110, or by key server 140.

FIG. 8 is a flowchart of a method 800 for implementing login protectionto a Global Navigation Satellite System (GNSS) receiver in accordancewith an embodiment of the present invention. In step 810 of FIG. 8, ageospatial data collection device which is configured to becommunicatively coupled with a GNSS receiver is authenticated. Asdescribed above,

In step 820 of FIG. 8, it is determined that the geospatial datacollection device is authorized to collect data from a geographic regionin which the GNSS receiver is located.

In step 830 of FIG. 8, the geospatial data collection device ispermitted to access a control interface of the GNSS receiver.

FIG. 9 is a flowchart of another method 900 for implementing loginprotection to a Global Navigation Satellite System (GNSS) receiver inaccordance with an embodiment of the present invention. In step 910 ofFIG. 9, a decryption key which is uniquely associated with at least onegeospatial data collection device is accessed.

In step 920 of FIG. 9, the geospatial data collection device is verifiedusing the decryption key.

In step 930 of FIG. 9, the geospatial data collection device ispermitted to access a control interface of the GNSS receiver.

FIG. 10 is a flowchart of another method 1000 for implementing loginprotection to a Global Navigation Satellite System (GNSS) receiver inaccordance with an embodiment of the present invention. In step 1010 ofFIG. 10, a geographic region identification descriptive of a geospatialdata collection device is determined.

In step 1020 of FIG. 10, it is determined that the geographic regionidentification corresponds to a current geographic position of a GNSSreceiver.

In step 1030 of FIG. 10, the geospatial data collection device ispermitted to access a control interface of the GNSS receiver.

FIG. 11 shows an exemplary electronic device (e.g., key server 140) inaccordance with embodiments of the present invention. In FIG. 11computer system 1100 includes an address/data bus 1101 for conveyingdigital information between the various components, a central processorunit (CPU) 1102 for processing the digital information and instructions,a volatile main memory 1103 comprised of volatile random access memory(RAM) for storing the digital information and instructions, and anon-volatile read only memory (ROM) 1104 for storing information andinstructions of a more permanent nature. In addition, computer system1100 may also include a data storage device 1105 (e.g., a magnetic,optical, floppy, or tape drive or the like) for storing vast amounts ofdata. It should be noted that the software program for performing GNSSreceiver login protection and prevention of the present invention can bestored either in volatile memory 1103, data storage device 1105, or inan external storage device (not shown).

Devices which are optionally coupled to computer system 1100 include adisplay device 1106 for displaying information to a computer user, analpha-numeric input device 1107 (e.g., a keyboard), and a cursor controldevice 1108 (e.g., mouse, trackball, light pen, etc.) for inputtingdata, selections, updates, etc. Computer system 1100 can also include amechanism for emitting an audible signal (not shown).

Returning still to FIG. 11, optional display device 1106 of FIG. 11 maybe a liquid crystal device, cathode ray tube, or other display devicesuitable for creating graphic images and alpha-numeric charactersrecognizable to a user. Optional cursor control device 1108 allows thecomputer user to dynamically signal the two dimensional movement of avisible symbol (cursor) on a display screen of display device 1106. Manyimplementations of cursor control device 1108 are known in the artincluding a trackball, mouse, touch pad, joystick, or special keys onalpha-numeric input 1107 capable of signaling movement of a givendirection or manner displacement. Alternatively, it will be appreciatedthat a cursor can be directed and/or activated via input fromalpha-numeric input 1107 using special keys and key sequence commands.Alternatively, the cursor may be directed and/or activated via inputfrom a number of specially adapted cursor directing devices.

Furthermore, computer system 1100 can include an input/output (I/O)signal unit (e.g., interface) 1109 for interfacing with a peripheraldevice 1110 (e.g., a computer network, modem, mass storage device,etc.). Accordingly, computer system 1100 may be coupled in a network,such as a client/server environment, whereby a number of clients (e.g.,personal computers, workstations, portable computers, minicomputers,terminals, etc.) are used to run processes for performing desired tasks.In particular, computer system 1100 can be coupled in a system for GNSSreceiver login protection and prevention.

Embodiments of the present invention, a method and system for GNSSreceiver login protection and prevention, are thus described. While thepresent invention has been described in particular embodiments, itshould be appreciated that the present invention should not be construedas limited by such embodiments, but rather construed according to thefollowing claims.

1. A method for implementing login protection to a Global NavigationSatellite System (GNSS) receiver, said method comprising: authenticatinga geospatial data collection device which is configured to becommunicatively coupled with said GNSS receiver; determining that saidgeospatial data collection device is authorized to collect data from ageographic region in which said GNSS receiver is located; and permittingsaid geospatial data collection device to access a control interface ofsaid GNSS receiver.
 2. The method as recited in claim 1 wherein saidauthenticating comprises: receiving an identification which is assignedto said geospatial data collection device and a second identificationwhich is assigned to said GNSS receiver.
 3. The method as recited inclaim 2 wherein said authenticating further comprises: conveying arandomly generated sequence to said geospatial data collection device;receiving a response to said randomly generated sequence from saidgeospatial data collection device; and verifying said response using adecryption key.
 4. The method as recited in claim 3 further comprising:selecting said decryption key based upon said identification and saidsecond identification.
 5. The method as recited in claim 3 wherein saiddetermining further comprises: deriving a geographic regionidentification from said identification in response to said verifying;using said GNSS receiver to determine a current geographic position ofsaid GNSS receiver; comparing said geographic region identification withsaid current geographic position; and determining that said geographicregion identification corresponds to said current geographic position.6. The method as recited in claim 5 wherein said deriving furthercomprises: using a second decryption key to derive said geographicregion identification from said identification.
 7. The method as recitedin claim 1 further comprising: using an electronic devicecommunicatively coupled with said geospatial data collection device andwith said GNSS receiver to perform said authenticating, saiddetermining, and permitting.
 8. A method for implementing loginprotection to a Global Navigation Satellite System (GNSS) receiver, saidmethod comprising: accessing a decryption key which is uniquelyassociated with at least one geospatial data collection deviceconfigured to be communicatively coupled with said GNSS receiver;verifying said geospatial data collection device using said decryptionkey; and permitting said geospatial data collection device to access acontrol interface of said GNSS receiver.
 9. The method as recited inclaim 8 further comprising: conveying a randomly generated sequence tosaid geospatial data collection device; receiving a response to saidrandomly generated sequence from said geospatial data collection device;and verifying said response using said decryption key.
 10. The method asrecited in claim 8 further comprising: using a second decryption key toderive a geographic region identification from said identification. 11.The method as recited in claim 10 further comprising: using said GNSSreceiver to determine a current geographic position of said GNSSreceiver; comparing said geographic region identification with saidcurrent geographic position; and determining that said geographic regionidentification corresponds to said current geographic position.
 12. Themethod as recited in claim 8 further comprising: receiving anidentification which is assigned to said geospatial data collectiondevice and a product identification which is assigned to said GNSSreceiver; and using said identification and said product identificationto identify said decryption key and said second decryption key.
 13. Themethod as recited in claim 8 further comprising: using an electronicdevice communicatively coupled with said geospatial data collectiondevice and with said GNSS receiver to perform said accessing, saidverifying, and said permitting.
 14. A method for implementing loginprotection to a Global Navigation Satellite System (GNSS) receiver, saidmethod comprising: determining a geographic region identificationdescriptive of a geospatial data collection device configured to becommunicatively coupled with said GNSS receiver; verifying that saidgeographic region identification corresponds to a current geographicposition of said GNSS receiver; and permitting said geospatial datacollection device to access a control interface of said GNSS receiver.15. The method as recited in claim 14 further comprising: receiving anidentification which is assigned to said geospatial data collectiondevice and a product identification which is assigned to said GNSSreceiver.
 16. The method as recited in claim 15 further comprising:conveying a randomly generated sequence to said geospatial datacollection device in response to said receiving; receiving a response tosaid randomly generated sequence from said geospatial data collectiondevice; using said identification and said product identification toidentify a decryption key and a second decryption key; and verifyingsaid response using said decryption key.
 17. The method as recited inclaim 16 wherein said determining further comprises: using said seconddecryption key to derive said geographic region identification from saididentification.
 18. The method as recited in claim 17 wherein saidverifying further comprises: using said GNSS receiver to determine saidcurrent geographic position; and comparing said geographic regionidentification with said current geographic position.
 19. The method asrecited in claim 14 further comprising: using an electronic devicecommunicatively coupled with said geospatial data collection device andwith said GNSS receiver to perform said determining, said verifying, andsaid permitting.
 20. A system for implementing login protection to aGlobal Navigation Satellite System (GNSS) receiver, said systemcomprising: an authenticating component coupled with a communicationinterface for authenticating a geospatial data collection device whichis configured to be communicatively coupled with said GNSS receiver; ageographic location verifier coupled with said authenticating component,said geographic location verifier for determining that said geospatialdata collection device is authorized to collect data from a geographicregion in which said GNSS receiver is located; and a control interfaceenabler coupled with said authenticating component and with saidgeographic location verifier, said control interface enabler forpermitting said geospatial data collection device to access a controlinterface of said GNSS receiver.
 21. The system of claim 20 wherein saidauthenticating component further comprises: an identification receiverfor receiving an identification from said geospatial data collectiondevice and wherein said identification is assigned to said geospatialdata collection device; a product identification receiver for receivinga product identification from said geospatial data collection device andwherein said product identification is assigned to said GNSS receiver;and a decryption key identifier coupled with said identificationreceiver and with said product identification receiver, said decryptionkey identifier for identifying a decryption key based upon saididentification and said product identification.
 22. The system of claim21 wherein said authenticating component further comprises: a sequencegenerator for generating a random sequence which is conveyed to saidgeospatial data collection device; a response receiver for receiving aresponse to said random sequence from said geospatial data collectiondevice; and a geospatial data collection device verifier coupled withsaid response receiver and with said decryption key identifier, saidgeospatial data collection device verifier for verifying said responseusing said decryption key.
 23. The system of claim 22 wherein saidgeographic location verifier further comprises: a geographic regionidentification deriver for deriving said geographic region from saididentification using a second decryption key which is identified by saiddecryption key identifier; a geographic position input for receiving acurrent geographic position of said GNSS receiver; and a geographicregion comparator for comparing said geographic region identificationwith said current geographic position and for determining that saidgeographic region identification corresponds to said current geographicposition.
 24. The method as recited in claim 23 wherein said geographicregion identification deriver further comprises: an identification inputcoupled with said identification receiver and with said geographicregion identification deriver; and a decryption key input coupled withsaid decryption key identifier and with said geographic regionidentification deriver.